Digital security is of paramount importance these days, especially now that even young children use devices like smartphones, tablets, and laptops. While web browsers for desktop computers and mobile devices typically receive regular security updates, this is often not the case for browsers integrated into video game consoles, televisions, e-readers, cars, and other devices. These outdated, built-in browsers can expose users to phishing attacks and other security vulnerabilities. In other words, users are vulnerable to hacking.
Digital devices often include a built-in browser that opens websites or displays online content
Researchers affiliated with the DistriNet Research Unit at KU Leuven in Belgium have discovered that newly released devices may contain browsers several years old and include known security vulnerabilities. This is because web browsers built into devices such as tablets, video game consoles, and cars may seem harmless at first glance. Digital devices often include a built-in browser that opens websites or displays online content. A smart TV for watching videos on a large screen, for example, or an e-reader that also allows users to look up information. These built-in browsers look like normal browsers, but many rarely or never receive security updates. A study by KU Leuven shows that these browsers often run very outdated software that has not received the necessary security updates.
Some manufacturers, who advertised free security updates, did not offer security updates for the browser
Users are often unaware of it, but they are at greater risk of being hacked. In many cases, the device’s browser came with an outdated version upon delivery. In some cases, this outdated version was more than three years old. Therefore, they can be vulnerable to hacking, even if users only use them occasionally. Manufacturers are not transparent and sometimes even provide misleading information. The study revealed that some manufacturers, who advertised free security updates for their devices, did not offer security updates for the browser.
The researchers cited several case studies that assessed the vulnerability of devices with outdated browsers
As a consumer, it’s often difficult, or even impossible, to verify whether a device’s built-in browser will receive security updates. According to the Catholic University of Louvain, a study revealed that some device manufacturers don’t offer security updates for their browsers, despite advertising free updates. More and more people are using devices with built-in browsers, often without realizing it. This study demonstrates that these built-in browsers are significantly outdated in terms of security, despite appearing modern and reliable. In fact, the researchers cited several case studies that assessed the vulnerability of devices with outdated browsers.
“Manufacturers do not typically offer software updates that include an update for the built-in browser”
As we noted above, due to manufacturers’ lack of transparency, consumers unfortunately have few opportunities to improve the security of their products. “It is worth noting that, after four software updates, the built-in browser remained unpatched,” the researchers pointed out, adding that the company lacked a security reporting channel and that support staff misrepresented the resolution of the issue. Consequently, the authors reported the matter to EU regulatory authorities. “Manufacturers do not typically offer software updates that include an update for the built-in browser. In many cases, browser updates are simply not available,” Franken states.
In short, experts conclude that widespread voluntary compliance with security regulations is unlikely. They also believe that regulations should require vendors to take responsibility for the security of the browsers they integrate into their products. Therefore, any attempt at self-protection is not a bad idea.